from the 'targeted-killing' dept

At this point, both the NSA's extensive surveillance programs and the CIA's controversial drone "targeted killing" program (read: assassination program) are known and widely discussed. But the two had not been fully connected until now. There had been some reports from the various reporters who have access to the leaked Snowden documents that the NSA was involved, but the details are finally coming out. The first article comes via Barton Gellman at the Washington Post, detailing the NSA's extensive involvement in helping the CIA find targets to kill, including Hassan Ghul, who was taken out by a drone strike a year ago.

In the search for targets, the NSA has draped a surveillance blanket over dozens of square miles of northwest Pakistan. In Ghul’s case, the agency deployed an arsenal of cyber-espionage tools, secretly seizing control of laptops, siphoning audio files and other messages, and tracking radio transmissions to determine where Ghul might “bed down.”

The e-mail from Ghul’s wife “about her current living conditions” contained enough detail to confirm the coordinates of that household, according to a document summarizing the mission. “This information enabled a capture/kill operation against an individual believed to be Hassan Ghul on October 1,” it said.

The file is part of a collection of records in the Snowden trove that make clear that the drone campaign — often depicted as the CIA’s exclusive domain — relies heavily on the NSA’s ability to vacuum up enormous quantities of e-mail, phone calls and other fragments of signals intelligence, or SIGINT.

The NSA likes to talk about how its focus is on counter-terrorism operations in the form of finding out about potential terrorist activities in order to stop them. It likes to pretend that it isn't so involved in offensive actions. However, the reporting here suggests a different story altogether. The NSA is a key part of the assassination program.

While it may be a good thing to track down terrorists working to attack the US, the potential that these kinds of programs might also be abused is serious. Once again, what becomes clear is that the NSA will apparently do everything possible to get access to the information it wants:

“But if you wanted huge coverage of the FATA, NSA had 10 times the manpower, 20 times the budget and 100 times the brainpower,” the former intelligence official said, comparing the surveillance resources of the NSA to the smaller capabilities of the agency's IOC. The two agencies are the largest in the U.S. intelligence community, with budgets last year of $14.7 billion for the CIA and $10.8 billion for the NSA. “We provided the map,” the former official said, “and they just filled in the pieces.”

In broad terms, the NSA relies on increasingly sophisticated versions of online attacks that are well-known among security experts. Many rely on software implants developed by the agency’s Tailored Access Operations division with code-names such as UNITEDRAKE and VALIDATOR. In other cases, the agency runs “man-in-the-middle” attacks in which it positions itself unnoticed midstream between computers communicating with one another, diverting files for real-time alerts and longer-term analysis in data repositories.

Through these and other tactics, the NSA is able to extract vast quantities of digital information, including audio files, imagery and keystroke logs. The operations amount to silent raids on suspected safe houses and often are carried out by experts sitting behind desks thousands of miles from their targets.

The reach of the NSA’s Tailored Access Operations division extends far beyond Pakistan. Other documents describe efforts to tunnel into systems used by al-Qaeda affiliates in Yemen and Africa, each breach exposing other corridors.

It appears that the attacks are quite effective as well:

The operations are so easy, in some cases, that the NSA is able to start downloading data in less time than it takes the targeted machine to boot up. Last year, a user account on a social media Web site provided an instant portal to an al-Qaeda operative’s hard drive. “Within minutes, we successfully exploited the target,” the document said.

Now, to some extent, you can argue that these kinds of activities are the ones we'd expect the NSA to be taking: using systems to break into communications efforts of terrorists to track them down. But, as the report also notes, this main operative who they caught through use of this system, Ghul, was actually in CIA custody for years before they released him... only to then have the NSA go through this big process to re-find him and take him out with a drone.

Oh, and not just take him out... but then use the NSA to find out for sure that he was dead:

Even after Ghul was killed in Mir Ali, the NSA’s role in the drone strike wasn’t done. Although the attack was aimed at “an individual believed to be” the correct target, the outcome wasn’t certain until later when, “through SIGINT, it was confirmed that Hassan Ghul was in fact killed.”

The NSA and its supporters will undoubtedly spin this to show how good it is that the NSA has these kinds of capabilities, allowing them to track down and dispatch terrorists. But it remains concerning how this level of spying and power (all the way down to assassinations) can easily be combined and used in ways that are even more questionable.